If your routing table isn’t correct, then you’ll have some significant traffic flow problems. In this video, you’ll learn about next hops, loopback addresses, and how to step through a series of routing tables to follow the ingress and egress of traffic through your network.
<< Previous: Broadcast Domains and Collision DomainsNext: Route Aggregation and Redistribution >>
If we’re working on a layer 3 device, like a router, and we’re trying to figure out how traffic is getting from point A to point B, we are going to be most interested in what the hops are. A hop is when a packet passes through a router.
And we’ll often want to know what the next hop might be. We’re looking at the routing table. We’re looking at inbound traffic. We’re trying to determine what its destination is. And we’re trying to calculate, based on what’s in the routing table, is it going to the next hop.
That’s because our routers don’t need to know how to get everywhere. They just need to know how to get to the next place. And we’re going to rely on the router at the next place to then get to the next hop after that. So we’ve created this string of routers between ourselves and our locations out on the internet.
And none of those routers happen to know the entire path on how to get all the way out to the internet and all the way back again. All they know are the local networks and what the next hop might be.
One of the challenges you have when you’re working with routers and trying to configure them is that sometimes mistakes can be made. And you might configure router A to say that the best way to the destination is to go to router B. And router B’s routing table may say the best way to go to the destination is to go to router A. So you end up seeing a packet go back and forth and back and forth and back and forth.
Well if there was no way to get rid of that packet you would have that loop around forever. Fortunately in IP version 4 we have something called “Time to live.” And every time a packet goes through a router it decreases that time to live by one. And when the time to live gets to zero the router discards that packet and removes it from the network. In IPv6 this is called a hop limit. And this is going to keep this packet from looping around indefinitely inside of our network.
If you’re configuring a routing table inside of your routers or your firewalls or other layer 3 devices you’re going to need to know the exact path the traffic is going to take. And most importantly, you need to know where this network destination is. And you need to know the next hop.
So you’ll generally get this information from network diagrams or information you know. Occasionally the next hop will be at a third party location. And you would have to contact a third party to determine what is the next hop I should configure inside of my device.
This is why we need to troubleshoot based on the routing tables. Because if we have the next hop or the destination set improperly the traffic is not going to be able to get out to where it needs to go. And we also have to think about the traffic on the way back and set our routing tables for the destinations that are inside of our network.
If we’ve set our next hop incorrectly we could easily set up a routing loop So that traffic is constantly circling around. Or we may be sending information to a router that doesn’t actually exist. In either of those cases, traffic is not going to get to where it needs to go. And we need to make changes to our routing table to correct what that next hop destination is.
One very common administrative feature that we can configure inside of our routers is a loopback interface. This is an IP address that we configure inside of our router that’s always going to be available because it’s a virtual address. It’s on the inside of our router. It doesn’t specifically touch a physical interface on the device.
This is similar to the internal IP address that a workstation or a device might have of 127.0.0.1. But when you’re configuring a loopback address inside of a router you get to decide what the IP address is. In fact, other than it being an internal, virtual, non-physical address, it works exactly the same as the physical interfaces on your router– has an IP address.
It has a subnet mask. You can list it in routing tables. And you can reference it as a next hop and use it. Because you always know that it’s going to be available as long as that router is turned on.
It’s very common to see this used for things like next hops, especially if you have redundant routes and you need to always reference some type of internal address. So we might set this up as a management interface inside of the router. It might be an SSL VPN destination. We might use it as a router ID. But it’s some type of external reference so that if we need to contact that specific router we’re always going to have an internal IP address that will always be available.
As an end user we rarely think about the routes that our traffic is taking when we’re communicating out to the internet. But it is a relatively complex path. And our devices that are along the way have to make decisions about where this traffic is going.
That’s why all of these devices along the way have a routing table inside of them. It’s a big list of directions, just like you would have with a map or a diagram that shows how to get from point A to point B. And every time we hit a new stop our packets ask for directions.
How do I get to Google? Oh, I go this way? Off I go. And when we get to the next hop we ask again. I’m on my way to Google. What’s the best direction to take? It’s our workstations and our routers. All of these layer 3 devices between us and our final destination have a routing table.
And we can look inside our own computers and inside every router along the way and list out exactly what the route looks like. We’re going to need this if we start troubleshooting or we need to analyze what is the path that a packet takes between point A and point B.
Let’s analyze the routing table on our computing device down here to begin with. And let’s step through each one of these routes and see if we can determine what this is. If you’re on a Windows device you can type route print at a command prompt. And you’ll get similar routing table.
Well if we look at the very top the first destination is an all zeros slash zero address. That is a default route. That is if no other route inside of this routing table matches the outgoing traffic, we’re going to default to this destination, which means when we get through the rest of these, we’ll be able to make that routing decision. The gateway to get to all other locations is 192.168.1.1. And we can see by our picture that is the router that’s local to us on this particular subnet.
The interface to get to that gateway is 192.168.1.22. That is the IP address of my workstation. Apparently I only have one single interface on this device. And the metric to get to that is 10. That means that if there is a better route somewhere down the line that has a smaller metric, I would take that one instead.
There is a 127.0.0.1/8 destination inside of my routing table. And for those that are familiar, that is the loopback address. Every device has a loopback address. And the 127 is the thing that tells us this is the loopback network.
The gateway here is internal to my device. You don’t see it on this diagram, but every device has a 127.0.0.1 inside of it. And the interface, obviously, would be the same metric of 1. It is local. It’s internal to my device. You really can’t get a better metric than that.
And then there are some other networks that are listed in my routing table. 192.168.1.0/24– that entire subnet I can reach by going to 192.168.1.22, because it’s local to my particular computer. The interface to get there is obviously the same. And the metric is listed as 10.
This particular device only knows about the local subnet. So you’ll see the next two entries in the routing table are 192.168.1.22/32. So this is a very specific device. We’re not talking about an entire subnet. We’re talking about an individual IP. And the gateway there is an internal address, because that’s our local IP address on our device. And obviously, you get there would be a local address as well.
The other listed IP address in our routing table is 192.168.1.255, which is a broadcast address for this network. And to send a broadcast to this network the gateway would be my local IP address of my interface. And of course, the interface IP is exactly the same in that case.
So this device really doesn’t know anything other than itself and what a default route might be for the rest of the world. It’s going to send all traffic effectively out 192.168.1.1. It’s going to send everything to our local router. And we’re going to hope that that local router knows where to send all of the traffic from there.
Let’s now change our focus to look at the routing table inside of that next route or that next hop, which is this router, which has two interfaces on it. It has a 192.168.1.1. It has a 10.1.10.14. So there are two networks that this particular router is connected to. And we should see those networks listed in our routing table.
This router also has a default route, a 0.0.0.0/0, which means that if there’s any traffic that’s not specifically listed in the routing table, go to 10.1.10.1, which is this gateway up here on this next router. And leave 10.1.10.14’s interface to get there and it points you directly that direction.
It doesn’t know anything other than the local subnets and where the default route might be, which is fine. We’re going to send the traffic on its way. We can keep our routing table relatively small and only rely on things that we need to know as this single device.
The rest of the routing table is the local subnet. So we can see 10.1.10.0/24 is this local subnet and the local IP addresses associated with that interface. And we have the local network 192.168.1.0, which is where our workstation lives.
So if traffic is inbound into this device and it has a destination network address of 10.1.10.0, then it’s going to send it out this interface on the top. If it’s an IP destination that is 192.168.1.0 in that network it’s going to send it out the 1.1 interface down to our workstation.
Let’s look at the next device on our list, which is this router just before the internet. And it has a number of things that are very similar to the routes that we’ve just looked at. There are some differences as well. At the very top is a default route to get to the internet.
We’re going to go to 18.104.22.168. And that is probably one is out here on the internet. We don’t even see it in our list of local devices. To get there we depart the interface 22.214.171.124. That is our egress interface to get out to the internet.
Notice that we don’t have to know where every single device happens to be on the internet. We just have to know what the next hop is. And this way we’re able to keep our routing tables very small and distribute the path of how to get from point A to point B through all of the different devices in between.
This particular router knows about its local network of 10.1.10.0. That’s the one that’s between these two routers. It also knows about the 126.96.36.199 network, which is the network between this router and probably a router at the ISP that’s providing us with that internet connection.
Notice also that this router has an extra route down here at the bottom for 192.168.1.0. And to get to that network you go through the gateway of 10.1.10.14, which is down here. And you use interface 10.1.10.1 to be able to get to that particular gateway. That’s because this router’s not directly connected to the 192.168 network.
The only way that it would know how to get there is if there was a very specific routing table entry that pointed it down this direction. If that route was not there and traffic was inbound to the 192.168 network it would use its default route and send it right back out the internet, which is the wrong direction.
This is the important part about using and troubleshooting with routing tables. You need to look at every router through every hop along the way. And you need to examine not just how traffic is departing or egressing onto the network, but we also have to consider the ingress, the traffic coming inbound to us, and how the traffic will be routed every step along the way.
If you are using static routing, which means you are manually configuring these routes inside of your devices, or if you’re using dynamic routing, which means that the devices themselves determine how to get best from point A to point B, there can still be decisions that are made in the routing that are incorrect.
If we look at the routing table for this top router, we can see that it’s similar to the routing table we were just looking at. But if one single thing is changed, you’re going to have a problem with the entire path.
For instance, in this case the gateway is set to 188.8.131.52. Now notice this device, the 221.5 device, is out here on the internet. It’s probably at our ISP. We don’t know how that device is configured. We don’t know the IP addressing. We’re relying on the ISP to tell us what is the next hop. What should we configure inside of our devices as being the default gateway for all of our traffic to the internet?
And if we configure it incorrectly inside of our router, or we’ve chosen the wrong gateway– perhaps somebody gave us the incorrect IP addressing– we’re going to put that into our routing table and the router will not be sending the traffic to the right location.
So it’s very important to go through every single one of your routing tables, confirm the route going out and coming in, and confirm that you’re able to reach those default gateways.